<?php
/**
 * Created by PhpStorm.
 * User: Administrator
 * Date: 2016/11/29
 * Time: 9:57
 */
$error = array();
if(!empty(!$_POST))
    $username = isset($_POST['username']) ? trim($_POST['username']):'';
    $password = isset($_POST['password']) ? trim($_POST['password']):'';
require 'check_form.lib.php';
if($result = checkUsername($username) !==true) $error = $result;
if($result = checkPassword($password) !==true) $error = $result;
if(empty($error)){
    $link = mysqli_connect('localhost','root','','itcast');
    if(!$link) {
        die('链接数据库失败' . mysqli_error($link));
    }
    mysqli_query($link,'set names utf8');
    $username = mysqli_real_escape_string($username);
    $sql = "select `id`,`password`form `user`where `username`= '$username'";
    if($rst = mysqli_query($sql)){
        $row = mysqli_fetch__assoc($rst);
        $password =md5($password);
        if($password == $row['password']){
            die('欢迎登录！');
        }
    }
    if($password = $row['password']){
        session_start();
        $_SESSION['userinfo'] = array(
            'id'=>$row['id'];
            'usernme' => $username;
        );
        header('Location:user.php');
    }
    $error[] = '用户名不存在或密码错误。';
}

